Security and Compliance Administrator
Carebook
Security and Compliance Administrator
At Carebook, our mission is to create a world of connected health that empowers individuals and brings organizations towards a proactive and lifelong commitment to wellbeing. We believe in a world where everyone has the opportunity to be actively engaged and fully supported in managing and improving their overall health.
Established in 2014, Carebook is a publicly-traded company that acquired both InfoTech and CoreHealth Technologies in 2021, allowing us to expand our family of SaaS platforms to support the well-being journeys of over 5 million people and cater to Fortune 10 and 500 companies.
With well-being at the heart of everything we do, when you work at Carebook, you’re joining a multi-disciplinary team, passionate about solving problems through innovative technology and collaboration with a culture grounded in personal growth and well-being.
Having become certified a Great Place To Work and made the Best Workplaces in Quebec and Best Workplaces for Inclusion lists in 2022, our focus on our people shows and, although our team may be spread across the country as a remote company, we always have a team-first mentality in a remote-first and flexible environment so you can do your best work anywhere in Canada.
Position Summary
As a key member of the IT team, the Security and Compliance Administrator will ensure our IT systems and processes meet all necessary security, privacy, and compliance standards. This individual will be pivotal in monitoring, implementing, and maintaining IT policies and procedures to protect our data and infrastructure. With a strong background in Azure, Windows, IT security, compliance frameworks, and risk management, the ideal candidate will work with the IT team to keep systems current and updated, as well as researching potential risks by evaluating vendors and other external parties.
Key Responsibilities
Security & Compliance
- Implement IT security policies, procedures, and guidelines in accordance with industry standards and regulatory requirements.
- Conduct regular reviews and assessments of IT systems, networks, and applications to identify vulnerabilities and risks.
- Collaborate with IT team to design and implement security controls and solutions.
- Stay up-to-date with the latest security technologies and best practices to proactively address emerging threats.
- Onboard and offboard staff accounts ensuring HR requirements are met.
- Track resolution of Privacy and Security events.
- Monitor Risk Registrar, Privacy and Security KPI’s and provide reports.
- Work with the Privacy Officer to investigate security and privacy incidents, conduct root cause analysis, conduct Privacy Impact Assessments and implement corrective actions.
- Monitor security logs and alerts to promptly respond to security incidents or unauthorized activities.
- Work with the ISO27001 team to prepare and maintain documentation related to IT policies, procedures, and compliance efforts.
System Administration
- Diagnose and resolve hardware and software issues, ensuring minimal downtime and maintaining operational efficiency.
- Provide technical support to employees, addressing IT-related issues promptly and effectively to optimize user experience and productivity.
- Implement and monitor data backup and recovery operations, ensuring data integrity and adherence to organizational policies and regulatory requirements.
- Adhere to established disaster recovery plans, ensuring effective response to data loss or system failures, while maintaining compliance with policies and regulations.
Requirements
- Experience (5+ years) in IT security, compliance, or a related field.
- Understanding of security frameworks such as CIS, NIST, ISO 27001, etc.
- Familiarity with risk assessment methodologies and tools.
- Familiarity with cloud platforms such as Azure and Cloudflare.
- Experience with security technologies such as firewalls, intrusion detection/prevention systems, endpoint protection, etc.
- Strong analytical and problem-solving skills.
- Excellent communication and interpersonal abilities.
- Ability to work effectively both independently and as part of a team.
- Bachelor's degree in Computer Science, Information Technology, or related field is an asset.
- Certifications related to Information Security is an asset.
Perks of Working at Carebook
- High-quality Benefits – We offer comprehensive programs for compensation, health benefits (including telemedicine service with Maple available to both yourself & your family 24/7) and recognition
- Work-Life Balance – Remote work model + flexible hours
Diversity, Equity, and Inclusion
Carebook is an Equal Opportunity Employer. We’re dedicated to fostering an inclusive workplace and culture that is directly impacted by the various perspectives, backgrounds, and experiences of our Team Members. We’re committed to this because our core values demand it - values like Respect, Curiosity & Creativity and One Team. We believe that everyone can contribute something unique to the company, to our products and that teamwork makes the dream work. For these reasons, applicants from all backgrounds are encouraged to apply.